Several states that issued shelter-in-place orders or required nonessential businesses to close to slow the spread of COVID-19, reference or rely upon the Department of Homeland Security's Cybersecurity & Infrastructure Security Agency (CISA) Guidance on the Essential Critical Infrastructure Workforce in their own directives on what businesses are permitted to continue operating. This guidance will continue to play a major role in the reopening of businesses across many states.

While it has been only advisory so far, CISA's guidance has changed dramatically as the result of a May 19, 2020 update, which follows the agency's April 17, 2020 update (which itself made drastic changes to the prior version from March 28, 2020). Version 3.1 provides clarity around a range of positions needed to support the critical infrastructure functions laid out in the original guidance and updates thereto. This iteration includes meaningful changes to the "Healthcare and Public Health" section, the “Food and Agriculture” section, as well as other changes to multiple sections.

As a result of these updates, your business may now have an argument or guidance it can cite to argue that it can safely operate. Of course, if that is the case, your company MUST continue to follow the sanitization, cleaning and social distancing requirements outlined by the Department of Health in your state and the Centers for Disease Control and Prevention.